MacSec

a GSEC Gold paper to be

Apple’s PDF overview of security technologies and features for current release (10.6): http://images.apple.com/macosx/security/docs/MacOSX_Security_TB.pdf

There’s a lot of Mac OS X-specific security technology: the Keyring GUI applications, integrated Kerberos, the application firewall, code signing, Safari/Finder integrations, and all the way down to specific BSD(ish) commands, found on no other operating system, that support the security tools, including their certificate, firewall and drive image utilities.

I think I can do a run-through of the interesting Mac-specific security technologies, noting how they compare to the Linux and Windows offerings covered by GSEC, and touch on some of the coolest Mac-specific security commands / applications … kinda like a book 6.5 that would expand the GSEC material to cover Macs along with Windows and Linux. I think the focus would be on the base technologies found in OS X and OS X Server but could focus on just server if that’s better.

Major sources are that PDF above, some Mac admin and security websites, the man pages :D and some books I have on Mac OS X / Server.

Sources

Conference material: http://documentation.macsysadmin.se/2010/2010doc.html

10.6: http://images.apple.com/macosx/security/docs/MacOSX_Security_TB.pdf

10.5: http://www.samug.org/web/MacOSX_Leopard_Security_TB.pdf

10.5: http://techjournal.318.com/security/a-brief-introduction-to-mac-os-x-sandbox-technology/

Bartosh books for Panther and Tiger

Mac OS X for Unix Geeks, Fourth Edition by Brian Jepson, Ernest E. Rothman, and Rich Rosen, O'Reilly 2008 http://oreilly.com/catalog/9780596520625/

Check this one out, if only to pillage links: http://allthatiswrong.wordpress.com/2011/06/23/os-x-%E2%80%93-safe-yet-horribly-insecure/

Paul A, historical: http://www.brown.edu/cis/information_security/news/05-007.html

Ars, Lion: http://arstechnica.com/apple/reviews/2011/07/mac-os-x-10-7.ars/

ISC, meta hardening: http://isc.sans.edu/diary/The+Ultimate+OS+X+Hardening+Guide+Collection/12616

ISC, Lion security features: http://isc.sans.org/diary.html?storyid=11245#comment

Joel Yonts, Mac OS X Malware Analysis: www.sans.org/reading_room/whitepapers/forensics/mac-os-malware-analysis_33178

GSEC Gold application:

Mac OS X has become a popular choice among information security professionals, and Macintosh computers are commonly found in many enterprise environments. Even without platform advocacy, the flexibility and popularity of modern Mac systems are easily shown.

Mac OS X includes many unique security technologies, ranging from the Keyring GUI applications, integrated Kerberos, the application firewall, code signing and Safari/Finder integrations all the way down to specific BSD(ish) commands, found on no other operating system, that support the security tools, including their certificate, firewall and drive image utilities.

The intent is to introduce the Mac OS X security frameworks and discuss the built-in tools, with a deliberate focus on the command line tools and system utilities not covered well by existing works such as Mac OS X for Geeks (O'Reilly) or OS X for Hackers (Syngress).

This paper builds on the security fundamentals and the Linux and Windows platform material in GSEC/401 to expand the skills and knowledge of practitioners on a platform they will likely interact with daily.